Is local/gohome safe?

https://github.com/openclaw/skills/tree/main/skills/local/gohome

92
SAFE

This is a legitimate home automation skill that provides documentation for interacting with a GoHome system via CLI commands and HTTP endpoints. The skill includes good safety practices like requiring explicit approval for write operations and contains no malicious code or behavior.

Category Scores

Prompt Injection 95/100 · 30%
Data Exfiltration 90/100 · 25%
Code Execution 85/100 · 20%
Clone Behavior 95/100 · 10%
Canary Integrity 100/100 · 10%
Behavioral Reasoning 90/100 · 5%

Findings (3)

LOW References external plugin -15

The skill metadata references an external plugin 'github:joshp123/gohome' which could potentially introduce risks if installed separately.

INFO Network activity during installation -10

Expected network connections to GitHub during git clone operation.

INFO Contains shell command examples -5

Includes bash command examples in documentation, but these are legitimate CLI usage instructions.